>Setting up Secure Boot on Arch with sbctl
># sbctl enroll-keys -m
>Warning: Some firmware is signed and verified with Microsoft's keys when secure boot is enabled. Not validating devices could brick them. To enroll your keys without enrolling Microsoft's, run: sbctl enroll-keys. Only do this if you know what you are doing.
Spooky how omitting two little characters could brick your machine.

>>105735695 (OP)
>Vendor Keys: none

>>105735695 (OP)
Just disable pajeetboot

>>105735695 (OP)
Secure boot is a meme, physical access to the machine is the end regardless of whether it was enabled or not. It's an attempt to lock in consumers to Windows that is masquerading as security theater

>>105735695 (OP)
>Linux Mint doesn't have this problem
>Proper vendors doesn't have this problem
I have an Ubuntu based and I enrolled my own keys in order to have Njudea driver installed. When I check the keys, only keys from Ubuntu and mine.
>Arch
Found your problem, using hobbyist distro.

>>105736392
I don't think it's a distro issue, it's the hardware that comes with it or not, and gets bricked or not without vendor keys. My laptop has an option in bios that says restore keys to factory so I assume it wouldn't get bricked but I'd rather not find out. And I thought mainstream distros just used microsoft signed shim.

>>105736431
Well I can't respond that. In my Laptop vendor keys and in my PC only Ubuntu and mine(ngoyvidea driver)